From nobody Fri Mar 22 13:41:14 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4V1NlQ0Qjzz5DxvH for ; Fri, 22 Mar 2024 13:41:22 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4V1NlQ098Tz4CTn; Fri, 22 Mar 2024 13:41:22 +0000 (UTC) (envelope-from zlei@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1711114882; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=p51x+ittN3UBS8qg0sUpsrMkWWjc9/v7qOc80ALiCJU=; b=weGYsZndLXIRtgDUQYmXcyF7Eejs/rYbVjCLpeGn8LgiALH4wRKAb25cW28tKVQaTVXStd E9frl8SI40nUCQjnzCZm+jjB2CxFqZnmdk2Zb6sKkewo7raBmiS3uAIG9+S0l3PGNLwE3H ctuADfIlUDYy6kogMupiiKKjOIOkTW6Mr7FJL4LkX9W/pJPWpdhjd6q1IvQKMOyZgoGTOy sARUmjvwxvg3H7DwQKbcA+yM3kLJGK+Y6/xOLoQy3erbZ4yCLJWLT4SIQ5sOLmvrQCVX64 UFGh8v7A/I6CVg1VO+ackR+z4AU4PQfxk7xQ3aGy20SvBvwwL8GQaYxY9J/fgg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1711114882; a=rsa-sha256; cv=none; b=TV+0Avow49Jqu4pv4h6ZIJ/4OPQsTB4KLIx+VUuIKJzR/3//K6ajT368WDKCjtQftaF57P SQCVhEkb6nEaGjUDBqWPYNwbXO2bdxQL9f6n4Hwn+dHIzNM8BAc5ZFCPICTzmIbFJ66jap X/vm6bxKInPVmGRsFA1ljuaGB9QSZqbDB76oc+o4yy+DmtWq8CRT9DTK/jyE7OQvLMc176 tHHrne7D1rAzWpcv5QDpaf/WRdPQtixn/qYSCcccqGUCTsjJTVzdBPT8adh51A4vAsEJpe inSUaFxCcsKzv1bpfVFrXAKzzeQl4ZtSQANITvtXigfD0lCVi9aggrpanfyYzA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1711114882; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=p51x+ittN3UBS8qg0sUpsrMkWWjc9/v7qOc80ALiCJU=; b=U5oF0u/ygnDTaz4IncIujCL8pJEAbJUCqi1Ukol7hMvk+JUC7CBZjB1aoxeab7byVUdWWL GF4y2Oj9wuCtocm+/s/k23tDwPDxZWT++V0/sYHQXbpenec4ETDcperrpP6ut9llXOBEnm 2Xftph2+PVIeyL+cC6OAYCfiB3XolgiXbA2o+SkuoLXpmMaT5Npgn1q+Sn6Ia+mK/plfaF e90XLa3CIYbLsKi0fY98s1p3zlM/o4QWkByCrIvPb2cyJJ/FWzaUJtUXfSF9+Wa8oUgrOs T1BjjEE0OWq5Kiwj0sRuZc+lIJTm7l2jDXMXOLcUWgL7P3RZcglnBqHoXpIGKw== Received: from smtpclient.apple (ns1.oxydns.net [45.32.91.63]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: zlei/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4V1NlN0V2tz1ThH; Fri, 22 Mar 2024 13:41:19 +0000 (UTC) (envelope-from zlei@FreeBSD.org) From: Zhenlei Huang Message-Id: Content-Type: multipart/signed; boundary="Apple-Mail=_138E9550-2C3B-4A0C-B695-45F6695B4844"; protocol="application/pgp-signature"; micalg=pgp-sha512 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.8\)) Subject: Re: ipv4 route with ipv6 local link nexthop ? Date: Fri, 22 Mar 2024 21:41:14 +0800 In-Reply-To: <_dTkes6xnAAQDFSPOPVSOT7GfMjJzaajrkovO456NI6vBSNn7afe4S3p9UCvw35j_sMnvF_CYIDtmT5JcKm7nHhTSVV7VeW3NfdZCR2iTcA=@enki-multimedia.eu> Cc: Marek Zarychta , FreeBSD Net , FreeBSD Security Team To: Benoit Chesneau References: <367504DC-48DA-4DFD-9DB6-CC571F0D26B8@FreeBSD.org> <764E12BF-5D31-4905-98AE-6D745BFD1DC2@FreeBSD.org> <4380f799-b961-4daf-8514-679c06214d55@plan-b.pwste.edu.pl> <24620735-923d-4603-8c92-1d9b23d3ce80@plan-b.pwste.edu.pl> <323D6B49-EC5C-4011-8BBA-1EAB9DFC4BC2@FreeBSD.org> <1A5D703E-37B1-407C-8B72-0F4B62DC4219@FreeBSD.org> <_dTkes6xnAAQDFSPOPVSOT7GfMjJzaajrkovO456NI6vBSNn7afe4S3p9UCvw35j_sMnvF_CYIDtmT5JcKm7nHhTSVV7VeW3NfdZCR2iTcA=@enki-multimedia.eu> X-Mailer: Apple Mail (2.3696.120.41.1.8) --Apple-Mail=_138E9550-2C3B-4A0C-B695-45F6695B4844 Content-Type: multipart/alternative; boundary="Apple-Mail=_A305FDFA-DFEF-455B-9C05-5EFBCD190554" --Apple-Mail=_A305FDFA-DFEF-455B-9C05-5EFBCD190554 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Mar 22, 2024, at 5:05 PM, Benoit Chesneau = wrote: >=20 > Awesome! Do we have a chance it land in a patch release soon ? Or = better to use a STABLE until the 14.1 is released? >=20 Or you can stay on 14.0 If the workaround can fulfill. 14.1 is about to = be released at 18 June as per the schedule [1] , that is about 3 and half months. CCing secteam, I do not think there is any security impact so probably = it does not deserve an EN. See also the bug report = https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D275341 = . 1. https://www.freebsd.org/releases/14.1R/schedule/ Best regards, Zhenlei >=20 > Beno=C3=AEt > On Thursday, March 14th, 2024 at 10:56, Zhenlei Huang = wrote: >>=20 >>=20 >>> On Mar 14, 2024, at 9:04 AM, Zhenlei Huang > wrote: >>>=20 >>>=20 >>>=20 >>>> On Mar 14, 2024, at 3:07 AM, Marek Zarychta = > = wrote: >>>>=20 >>>> W dniu 13.03.2024 o 18:59, Marek Zarychta pisze: >>>>> W dniu 13.03.2024 o 16:31, Benoit Chesneau pisze: >>>>>> Hrm I thought it was implemented via = https://reviews.freebsd.org/rG62e1a437f3285e785d9b35a476d36a469a90028d = >>>>>>=20 >>>>>> Wasn't it merged ? (also pretty sure I did test it in freebsd = 13). >>>>>>=20 >>>>> FWIW: it works fine on CURRENT >>>>>=20 >>>>> # ifconfig vlan8 destroy >>>>> # ifconfig vlan8 create vlandev bge0 vlan 8 up >>>>> # ifconfig vlan8 inet6 -ifdisabled auto_linklocal >>>>> # route add -net 10.11.13.0/24 -inet6 = fe80::360a:11ff:fe1b:404e%vlan8 >>>>> add net 10.11.13.0: gateway fe80::360a:11ff:fe1b:404e%vlan8 fib 0 >>>>>=20 >>>> It looks like the fix is in = f818559774cb0c1516364c4beca361480fd68b5b . Zhenlei, could you please MFC = this one[1] ? >>>>=20 >>>> Cherry-picking it to stable/14 makes route fully functional. I have = tested it between stable/14 with this fix applied and CURRENT. >>>=20 >>> Thanks for finding the fix and the confirmation , I'll take care of = that :) >>=20 >> Done. The fix and tests are all MFCed into stable/14 branch. >>=20 >>>=20 >>>>=20 >>>> Host A: >>>>=20 >>>> # ifconfig lo10 destroy >>>> # ifconfig lo10 create >>>> # ifconfig lo10 10.11.13.1/24 >>>> # ifconfig vlan8 destroy >>>> # ifconfig vlan8 create vlandev bge0 vlan 8 up >>>> # ifconfig vlan8 inet6 -ifdisabled auto_linklocal >>>> # route add -net 10.11.12.0/24 -inet6 = fe80::6ab5:99ff:febd:8108%vlan8 >>>> add net 10.11.12.0: gateway fe80::6ab5:99ff:febd:8108%vlan8 fib 0 >>>> # ping -c5 -S 10.11.13.1 10.11.12.1 >>>> PING 10.11.12.1 (10.11.12.1) from 10.11.13.1: 56 data bytes >>>> 64 bytes from 10.11.12.1: icmp_seq=3D0 ttl=3D64 time=3D2002.303 ms >>>> 64 bytes from 10.11.12.1: icmp_seq=3D1 ttl=3D64 time=3D1000.461 ms >>>> 64 bytes from 10.11.12.1: icmp_seq=3D2 ttl=3D64 time=3D0.167 ms >>>> 64 bytes from 10.11.12.1: icmp_seq=3D3 ttl=3D64 time=3D0.222 ms >>>> 64 bytes from 10.11.12.1: icmp_seq=3D4 ttl=3D64 time=3D0.207 ms >>>>=20 >>>> --- 10.11.12.1 ping statistics --- >>>> 5 packets transmitted, 5 packets received, 0.0% packet loss >>>> round-trip min/avg/max/stddev =3D 0.167/600.672/2002.303/800.763 ms >>>>=20 >>>> Host B: >>>>=20 >>>> # ifconfig lo10 destroy >>>> # ifconfig lo10 create >>>> # ifconfig lo10 10.11.12.1/24 >>>> # ifconfig vlan8 destroy >>>> ifconfig: interface vlan8 does not exist >>>> # ifconfig vlan8 create vlandev bce0 vlan 8 up >>>> # ifconfig vlan8 inet6 -ifdisabled auto_linklocal >>>> # route add -net 10.11.13.0/24 -inet6 = fe80::26be:5ff:fe10:c900%vlan8 >>>> add net 10.11.13.0: gateway fe80::26be:5ff:fe10:c900%vlan8 fib 0 >>>> # ping -c5 -S 10.11.12.1 10.11.13.1 >>>> PING 10.11.13.1 (10.11.13.1) from 10.11.12.1: 56 data bytes >>>> 64 bytes from 10.11.13.1: icmp_seq=3D0 ttl=3D64 time=3D1000.285 ms >>>> 64 bytes from 10.11.13.1: icmp_seq=3D1 ttl=3D64 time=3D0.141 ms >>>> 64 bytes from 10.11.13.1: icmp_seq=3D2 ttl=3D64 time=3D0.231 ms >>>> 64 bytes from 10.11.13.1: icmp_seq=3D3 ttl=3D64 time=3D0.235 ms >>>> 64 bytes from 10.11.13.1: icmp_seq=3D4 ttl=3D64 time=3D0.174 ms >>>>=20 >>>> --- 10.11.13.1 ping statistics --- >>>> 5 packets transmitted, 5 packets received, 0.0% packet loss >>>> round-trip min/avg/max/stddev =3D 0.141/200.213/1000.285/400.036 ms >>>>=20 >>>> 1. = https://cgit.freebsd.org/src/commit/?id=3Df818559774cb0c1516364c4beca36148= 0fd68b5b = >>>>=20 >>>> Cheers >>>>=20 >>>> -- >>>> Marek Zarychta >>=20 >>=20 >>=20 >=20 --Apple-Mail=_A305FDFA-DFEF-455B-9C05-5EFBCD190554 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8

On Mar 22, 2024, at 5:05 PM, Benoit Chesneau <benoitc@enki-multimedia.eu> wrote:

Awesome! Do we have a chance it = land in a patch release soon ? Or better to use a STABLE until the 14.1 = is released? 


Or you can stay on 14.0 If the workaround can = fulfill. 14.1 is about to be released at 18 June as per = the
schedule [1] , that is about 3 and half = months.

CCing secteam, I do not = think there is any security impact so probably it does not deserve an = EN.


=
Best regards,
Zhenlei


Beno=C3=AEt 
On Thursday, March 14th, 2024 at 10:56, Zhenlei Huang <zlei@FreeBSD.org> = wrote:


On Mar 14, 2024, at 9:04 AM, = Zhenlei Huang <zlei@FreeBSD.org> wrote:



On Mar 14, 2024, at 3:07 AM, Marek = Zarychta <zarychtam@plan-b.pwste.edu.pl> wrote:

W dniu = 13.03.2024 o 18:59, Marek Zarychta pisze:
W dniu 13.03.2024 o 16:31, Benoit = Chesneau pisze:
Hrm I = thought it was implemented via https://reviews.freebsd.org/rG62e1a437f3285e785d9b35a476= d36a469a90028d

Wasn't it merged ? (also = pretty sure I did test it in freebsd 13).

FWIW: it works fine on CURRENT

# ifconfig vlan8 destroy
# ifconfig vlan8 = create vlandev bge0 vlan 8 up
# ifconfig vlan8 inet6 = -ifdisabled auto_linklocal
# route add -net 10.11.13.0/24 = -inet6 fe80::360a:11ff:fe1b:404e%vlan8
add net 10.11.13.0: = gateway fe80::360a:11ff:fe1b:404e%vlan8 fib 0

It looks like the fix is in = f818559774cb0c1516364c4beca361480fd68b5b . Zhenlei, could you please MFC = this one[1] ?

Cherry-picking = it to stable/14 makes route fully functional. I have tested it between = stable/14 with this fix applied and CURRENT.

Thanks for = finding the fix and the confirmation , I'll take care of that = :)

Done. The fix and tests are all MFCed into stable/14 = branch.



Host A:

# ifconfig lo10 destroy
# ifconfig lo10 create
# ifconfig lo10 10.11.13.1/24
# ifconfig vlan8 destroy
# ifconfig vlan8 create vlandev bge0 vlan 8 up
# ifconfig = vlan8 inet6 -ifdisabled auto_linklocal
# route add -net 10.11.12.0/24 -inet6 = fe80::6ab5:99ff:febd:8108%vlan8
add net 10.11.12.0: gateway fe80::6ab5:99ff:febd:8108%vlan8 = fib 0
# ping -c5 -S = 10.11.13.1 10.11.12.1
PING 10.11.12.1 (10.11.12.1) from 10.11.13.1: 56 data = bytes
64 bytes from = 10.11.12.1: icmp_seq=3D0 ttl=3D64 time=3D2002.303 ms
64 bytes from = 10.11.12.1: icmp_seq=3D1 ttl=3D64 time=3D1000.461 ms
64 bytes from = 10.11.12.1: icmp_seq=3D2 ttl=3D64 time=3D0.167 ms
64 bytes from = 10.11.12.1: icmp_seq=3D3 ttl=3D64 time=3D0.222 ms
64 bytes from = 10.11.12.1: icmp_seq=3D4 ttl=3D64 time=3D0.207 ms

--- = 10.11.12.1 ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet = loss
round-trip = min/avg/max/stddev =3D 0.167/600.672/2002.303/800.763 ms

Host = B:

# ifconfig = lo10 destroy
# ifconfig = lo10 create
# ifconfig = lo10 10.11.12.1/24
# ifconfig vlan8 destroy
ifconfig: interface vlan8 does not exist
# ifconfig = vlan8 create vlandev bce0 vlan 8 up
# ifconfig vlan8 inet6 -ifdisabled auto_linklocal
# route add = -net 10.11.13.0/24 -inet6 fe80::26be:5ff:fe10:c900%vlan8
add net = 10.11.13.0: gateway fe80::26be:5ff:fe10:c900%vlan8 fib 0
# ping -c5 -S = 10.11.12.1 10.11.13.1
PING 10.11.13.1 (10.11.13.1) from 10.11.12.1: 56 data = bytes
64 bytes from = 10.11.13.1: icmp_seq=3D0 ttl=3D64 time=3D1000.285 ms
64 bytes from = 10.11.13.1: icmp_seq=3D1 ttl=3D64 time=3D0.141 ms
64 bytes from = 10.11.13.1: icmp_seq=3D2 ttl=3D64 time=3D0.231 ms
64 bytes from = 10.11.13.1: icmp_seq=3D3 ttl=3D64 time=3D0.235 ms
64 bytes from = 10.11.13.1: icmp_seq=3D4 ttl=3D64 time=3D0.174 ms

--- = 10.11.13.1 ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet = loss
round-trip = min/avg/max/stddev =3D 0.141/200.213/1000.285/400.036 ms

1. https://cgit.freebsd.org/src/commit/?id=3Df818559774cb0c= 1516364c4beca361480fd68b5b 

Cheers

-- Marek = Zarychta







= --Apple-Mail=_A305FDFA-DFEF-455B-9C05-5EFBCD190554-- --Apple-Mail=_138E9550-2C3B-4A0C-B695-45F6695B4844 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iNUEARYKAH0WIQRj28YmNowGX1isJg7GJJ6Jgbd0XwUCZf2Kel8UgAAAAAAuAChp c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NjNE QkM2MjYzNjhDMDY1RjU4QUMyNjBFQzYyNDlFODk4MUI3NzQ1RgAKCRDGJJ6Jgbd0 XxjgAPwKIIHrrxlRRGKKoNRBExxt6gHizfvAOx8nVPZgRXjOkwEA2lKVo/kMQLb6 cnX4W3Nesu7NeKj85ImXLUClOAh3LAE= =gQlo -----END PGP SIGNATURE----- --Apple-Mail=_138E9550-2C3B-4A0C-B695-45F6695B4844--